nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-03 00:52:49 -05:00
Code Activity

Direct upload to Azure/Local (#1188)

Browse Source 
* Direct upload to azure

To validate file sizes in the event of a rogue client, Azure event webhooks
will be hooked up to AzureValidateFile.
Sends outside of a grace size will be deleted as non-compliant.

TODO: LocalSendFileStorageService direct upload method/endpoint.

* Quick respond to no-body event calls

These shouldn't happen, but might if some errant get requests occur

* Event Grid only POSTS to webhook

* Enable local storage direct file upload

* Increase file size difference leeway

* Upload through service

* Fix LocalFileSendStorage

It turns out that multipartHttpStreams do not have a length
until read. this causes all long files to be "invalid". We need to
write the entire stream, then validate length, just like Azure.

the difference is, We can return an exception to local storage
admonishing the client for lying

* Update src/Api/Utilities/ApiHelpers.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Do not delete directory if it has files

* Allow large uploads for self hosted instances

* Fix formatting

* Re-verfiy access and increment access count on download of Send File

* Update src/Core/Services/Implementations/SendService.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Add back in original Send upload

* Update size and mark as validated upon Send file validation

* Log azure file validation errors

* Lint fix

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
This commit is contained in:
Matt Gibson
2021-03-21 23:01:19 -05:00
committed by GitHub
parent fd42b227b3
commit 989d4df599
14 changed files with 393 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/Core/Services/Implementations/AzureSendFileStorageService.cs
View File

@ -5,6 +5,7 @@ using System.IO;
using System;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Bit.Core.Enums;
namespace Bit.Core.Services
{
@ -15,6 +16,8 @@ namespace Bit.Core.Services
private readonly CloudBlobClient _blobClient;
private CloudBlobContainer _sendFilesContainer;
public FileUploadType FileUploadType => FileUploadType.Azure;
public static string SendIdFromBlobName(string blobName) => blobName.Split('/')[0];
public static string BlobName(Send send, string fileId) => $"{send.Id}/{fileId}";
@ -71,6 +74,54 @@ namespace Bit.Core.Services
return blob.Uri + blob.GetSharedAccessSignature(accessPolicy);
}
public async Task<string> GetSendFileUploadUrlAsync(Send send, string fileId)
{
await InitAsync();
var blob = _sendFilesContainer.GetBlockBlobReference(BlobName(send, fileId));
var accessPolicy = new SharedAccessBlobPolicy()
{
SharedAccessExpiryTime = DateTime.UtcNow.Add(_downloadLinkLiveTime),
Permissions = SharedAccessBlobPermissions.Create | SharedAccessBlobPermissions.Write,
};
return blob.Uri + blob.GetSharedAccessSignature(accessPolicy);
}
public async Task<(bool, long?)> ValidateFileAsync(Send send, string fileId, long expectedFileSize, long leeway)
{
await InitAsync();
var blob = _sendFilesContainer.GetBlockBlobReference(BlobName(send, fileId));
if (!blob.Exists())
{
return (false, null);
}
blob.FetchAttributes();
if (send.UserId.HasValue)
{
blob.Metadata["userId"] = send.UserId.Value.ToString();
}
else
{
blob.Metadata["organizationId"] = send.OrganizationId.Value.ToString();
}
blob.Properties.ContentDisposition = $"attachment; filename=\"{fileId}\"";
blob.SetMetadata();
blob.SetProperties();
var length = blob.Properties.Length;
if (length < expectedFileSize - leeway || length > expectedFileSize + leeway)
{
return (false, length);
}
return (true, length);
}
private async Task InitAsync()
{
if (_sendFilesContainer == null)